
nirsmar

Posted 19 May 2013 - 12:17 PM

Member

Topic Starter

67 posts

Hello 1972Vet:

Through some trial and error I was able to run the ESET Online Scanner - How? - I disabled the Microsoft Firewall and then tried to run the ESET. It ran through to 100% and found 2 items with the log below. But now I still have the firewall disabled. I see the items it found are related to the print to pdf program I utilize. If this is an issue - which it seems to be - any other software recommendations? I also followed your direction and pasted the RogueKiller log below too. As for the AOL Proxy I do use AOL Dialup, but accordingly the settings should be automatic. I will look to hear your next steps. At least this looks like progress. Thank You.

You...or someone...must have tweaked Windows Firewall because I use the same Windows on board Firewall and ESET has always run fine on my system with no wrestling around necessary. Does anyone else have access to that system?

No changes or tweaks to the firewall were made. Maybe by some sort of program or something - but not knowingly. In fact - as an example - maybe you or someone within the forums can speak to this - when I selected to download the ESET online scanner - it does not even list ESET on the list to allow or deny access under the firewall - nor did any type of pop-up show up to allow/deny access. (I speak of this before I disabled the firewall of course.)

But now I still have the firewall disabled. I see the items it found are related to the print to pdf program I utilize. If this is an issue - which it seems to be - any other software recommendations?

I also followed your direction and pasted the RogueKiller log below too. As for the AOL Proxy I do use AOL Dialup, but accordingly the settings should be automatic. I will look to hear your next steps.

While the firewall is disabled, please allow ESET to remove the two items it found. As to any substitute, I would have to have you clarify exactly what the software does. As it seems from your brief description, that you use it to convert pdf files for printing purposes? Is this correct? If that's all you use it for, then try IrfanView. I use it for graphics manipulation but it has a multitude of purposes, surely you'll find some usefulness with it.

I will run ESET again while firewall is disabled - I would recommend doing a quick search for the CutePDF Writer - it is installed as a "printer" and enables the user to print a document directly to a .pdf file without the need to physically print it out. It gets saved as a .pdf file. Not sure if IrfanView is something that would work for me. I am not familiar with it - but I will review the link you posted.

As to your RogueKiller log above, it clearly shows that there are no issues relating to any proxy, as none are presented in that log. Further, this log shows NO issues of any kind relating to any serious issues commonly caused by today's most troublesome rogue applications. That looks like a clean machine to me!

A clean machine is good - except for the above-mentioned. Where do we go from here with the links to the other antivirus protection links you were going to post? What other items should be run or installed to keep the system buttoned up?

Thank You.

(please note that my responses to your queries today are posted in orange. I hope I posted in the correct sequence.)

1972vet

Posted 19 May 2013 - 07:44 PM

Trusted Helper

Malware Removal

99 posts

Please disable the active protection component of your antivirus and antispyware programs by following the directions that apply Here. ...of those, many people overlook the Windows Defender since, for most, there is no icon for it in the system tray. Scroll through those directives above and look for this application specifically, to make certain it is disabled (Microsoft Security Essentials users can disregard the Windows Defender disable instruction since while MSE is installed, Windows Defender is disabled already by default).

Please download combofix from This Webpage...and read through the instructions there for running the tool.

***Important Note***Please read through the guidance on that web page carefully and thoroughly...and install the Recovery Console. Using this tool without the Recovery Console installed is NOT RECOMMENDED.

If you have Windows Vista or Windows 7, you can skip the recovery console step...in Vista/7 it's in the System Recovery Options menu. The System Recovery Options menu is on the Windows Vista or Windows 7 installation disc. If Windows doesn't start correctly, you can use these tools to repair startup problems.

The Windows Recovery Console will allow you to boot into a special recovery (repair) mode that is not otherwise available. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It's a simple procedure that will only take a few moments.

Once installed, a blue screen prompt should appear that reads as follows:

The Recovery Console was successfully installed.

When you see that screen, please continue as follows:

Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Click Yes to allow ComboFix to continue scanning for malware.

When the tool is finished, it will produce a log file for you. Please post that log back here on your next reply. Thanks!

Note: Do not mouse-click ComboFix's window while it's running...that may cause the scan to stall.

nirsmar

Posted 23 May 2013 - 02:02 PM

Member

Topic Starter

67 posts

Hello 1972Vet:

I ran through your directions for the ESET Online Scanner as mentioned in your earlier posting - but ESET did not remove the two items it had found. How should I proceed with removal of the two items it has found? Secondly - I will run your most recent directions and post back with the reports. Just so we are on the same page - I just want to let you know that I currently do not have the active anti-virus software as you mention in your posted direction to disable it. I was waiting for the links to the alternatives to MSE you were going to post and download either of them.

1972vet

Posted 23 May 2013 - 04:29 PM

Trusted Helper

Malware Removal

99 posts

Just to confirm, you used the instructions in my post #21 for running ESET:

...When prompted, install the needed software to perform the scan. When it finishes with the install, make sure to check the box titled Scan archives (the Remove found threats box should already be checked by default so PLEASE remove the check from this box).

When it completes, use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt...

...and, before you attempted to allow ESET to remove anything, you, of course, returned to the "settings" feature mentioned above, and placed the check back into the appropriate box to allow removal of items that ESET finds.

If this is an accurate accounting of the steps you took and the results you detailed, then I'd have to say you should indeed contact ESET to notify them of this...as it would be a flaw that they would need to address.

If that is NOT what happened, then please be sure to place the check back into the appropriate box which allows ESET to remove items that it finds and determines to be a threat.

As to the instructions for ComboFix and the disabling of security software, I should point out that your system would still have the Windows Defender running its real time protective feature on startup. I'll post the links for the Anti-Virus programs when we complete this troubleshooting endeavor.

When you started this thread, you weren't running ANY antivirus program on board, only the on-demand scanner "Stinger"...which, by the way, isn't recommended for use for anything other than removing specific viruses. Its database is a mere 6 plus thousand signatures when in today's world, there are actually millions of virus threats. In spite of this, you seem to have gotten along fine so, although I personally recommend against this type of behavior, you are unable to get along well with the Microsoft Security Essentials antivirus program which WAS recommended.

That said, since we've already established the expectations we both have regarding this help session, then I'd say it's indeed safe for you to continue as of now, without any other security software installed until we complete our analysis of log findings from the utilities we are recommending.

I am concerned because I use this CutePDFWriter program. Any alternatives?

I may be missing something through the directions regarding Windows Defender, but I can not seem to locate it through the directions in the link.

Thank You.

Click start--->type "Windows Defender" in the Search programs and files box. As to the alternative to CutePDF writer, tell us, do you use this to actually write PDF files? If not, what do you use it for?

nirsmar

Posted 25 May 2013 - 09:17 AM

Member

Topic Starter

67 posts

Hi 1972Vet:

I conducted a search through the -search results- by START>SEARCH>ALL FILES AND FOLDERS and nothing came back with the term "Windows Defender"

The CutePDFWriter (freeware version) installs itself as a "printer subsystem" and it is used to create .pdf files from any printable document. For example, I could use the program to print out these directions by clicking on FILE>PRINT in IE and then select the CutePDFWriter (freeware version) and it would convert it to a .pdf file. If a forum member can recommend an alternative that would be fine. You may learn more about the program to get a better idea at http://cutepdf.com/P...PDF/writer.asp.

I ran the ComboFix program. But as it was running a window popped up with the following:

pev.3XE has encountered a problem and needs to close. We are sorry for the inconvenience.

Posted 28 May 2013 - 01:44 PM

nirsmar

Posted 01 June 2013 - 01:12 PM

Member

Topic Starter

67 posts

Hello 1972Vet:

Really. The only one that has the report results this way. Interesting? That does not sound so good. I would say that the items which we have been discussing are the primary issues? Thank You for your assistance.